papertrail

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow instructs using paperctl to pull and search logs from Papertrail (and even fetch worker IDs from the public Taskcluster API https://firefox-ci-tc.services.mozilla.com), which ingests untrusted, user/system-generated third-party content that the agent is expected to read and act on—allowing malicious or instructional payloads in logs to influence decisions or follow-up actions.